Authentication

Calqulate uses JWT Tokens (also known as access tokens) to control access to the API.

📘

Overview

Access tokens are crucial for user access and authorization. On this page, you can read about Calqulate's token-based authentication in order to be able to access our APIs. You can learn what are access tokens, how to generate one and how to use them.

Access Tokens

Access tokens are used in token-based authentication to allow an application to access an API. The application receives an access token after a user successfully authenticates and authorizes access, then passes the access token as a credential when it calls the target API. The passed token informs the API that the bearer of the token has been authorized to access the API and perform specific actions specified by the scope that was granted during authorization.

Calqulate uses JSON Web Token (JWT) to control access to the API.

JWT Access Tokens conform to the JWT standard and contain information about an entity in the form of claims.
They define a compact and self-contained way for securely transmitting information between parties as a JSON object.


Flow Diagram

This diagram shows a brief overview on how to use Calqulate's API

14641464

Prerequisites

You will need to sign up for a user account through our Website.

A complete explanation on how to create a Calqulate Account can be found here.

Once you create an account, you can generate a Bearer Token.


How to generate a Bearer Token

  1. Download any tool that will help you making API Calls. You can use Postman.
  2. From the Web App, Login & switch to the organization you want to access through the API (Not Mandatory, we will generate token for the last organization you used).
  3. Make a POST Request on https://api.calqulate.io/v3/oauth.
  4. The Body should contain the username and password you used to register in our app. Here is an example of the body
{
    "username": "[email protected]",
    "password": "!!password!!"
}
  1. If you entered the correct credentials, you will receive your JWT Access Token in the response. The response body will look like this
{
    "accessToken": "AAAAAAAAAAAAAAAAAAAA-ThisIsYourAccessToken-AAAAAAAAAAAAAAAAAAAA"
}

📘

NOTE

The gererated JWT will give you access only to the last organization you used from the Web App.

❗️

NOTE

You are responsible for the security of JWT Token. It should never be publicly exposed.

Now you have a JWT Access Token valid for 24 hours (you will need to regenerate a new one again after it expires).


How to use Calqulate's API

  1. Download any tool that will help you making API Calls. You can use Postman.
  2. Get the URI of the resource you want to access on our APIs. You can find all the provided APIs through our API Documentation
  3. Make sure you are sending the required Body or Query Params for the used endpoint.
  4. Add the generated JWT Token in the Request Header. The request header should contain the following
{
    "Authorization": "Bearer AAAAAAAAAAAAAAAAAAAA-ThisIsYourAccessToken-AAAAAAAAAAAAAAAAAAAA"
}
  1. Check the results in the response body.

Did this page help you?